MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

new: [securityAudit] Check expose_php setting

pull/7975/head
Jakub Onderka 2021-11-20 21:39:10 +01:00
parent ba71bee293
commit fc16acb070
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
app/Lib/Tools/SecurityAudit.php
View File

@ -227,6 +227,13 @@ class SecurityAudit
];
}
if (ini_get('expose_php')) {
$output['PHP'][] = [
'hint',
__('PHP `expose_php` setting is enabled. That means that PHP version will be send in `X-Powered-By` header. This can help attackers.'),
];
}
if (extension_loaded('xdebug')) {
$output['PHP'][] = [
'error',